At DesignFiles, your data’s protection is our top priority. So you can design without worry. Here are all the measures we have in place to make sure your work is safe, always.
We protect your data
All data is written to multiple disks instantly, backed up daily, and stored in multiple locations. Files that our customers upload are stored on servers that use modern techniques to remove bottlenecks and points of failure.
Your data is sent using HTTPS
Whenever your data is in transit between you and us, everything is encrypted, and sent using HTTPS (via 256-bit SSL Encryption).
Any files which you upload to us are stored and are encrypted at rest. Our application databases are generally not encrypted at rest — the information you add to the applications is active in our databases and subject to the same protection and monitoring as the rest of our systems.
Full redundancy for all major systems
The data centers that host DesignFiles are designed to anticipate and tolerate failure while maintaining service levels. In case of failure, automated processes move traffic away from the affected area. Core applications are deployed to an N+1 standard, so that in the event of a data center failure, there is sufficient capacity to enable traffic to be load-balanced to the remaining sites.
Our state-of-the-art server partners (Amazon Web Services) are protected by biometric locks and round-the-clock interior and exterior surveillance monitoring. Only authorized personnel have access to the data center. 24/7/365 onsite staff provides additional protection against unauthorized entry and security breaches.
At DesignFiles, all new hires, regardless of role, are trained on up-to-date security policies and industry standards.
Your data is your property and will never be sold to third parties. We will only access your DesignFiles account with your permission, in the case of suspicious account activity or if we suspect the DesignFiles terms of service are being violated. All employee access to your data is monitored, persisted, and reviewed.
We protect your billing info and passwords
DesignFiles does not process or store any credit card details belonging to you or your customers on DesignFiles services. All credit card transactions are processed using secure encryption (via Stripe) — the same level of encryption used by leading banks. Card information is transmitted, stored, and processed securely on a PCI Service Provider Level 1 network.
Your password is encrypted and never stored in our database in a readable/unencrypted format. You are responsible for choosing a strong password and keeping it secret.
We have a team dedicated to maintaining your account’s security on our systems and monitoring tools we’ve set up to alert us to any nefarious activity against our domains. To date, we’ve never had a data breach.
We have processes and defenses in place to keep our streak of 0 data breaches going. But in the unfortunate circumstances someone malicious does successfully mount an attack, we will immediately notify all affected customers.
Security awareness and training
All DesignFiles employees, upon initial hire and annually, go through security awareness training. This training includes some of the best practices and guidelines from the security industry.
Responsible disclosure policy
DesignFiles aims to keep our service safe for everyone, and data security is of utmost priority. If you are a security researcher and have discovered a security vulnerability in our service, we appreciate your help in disclosing it to us in a responsible manner. Please share the details of any suspected vulnerabilities with the DesignFiles Security Team by sending an email to firstname.lastname@example.org.
Changes & questions
We will update our security measures as needed to comply with relevant regulations and reflect any new practices. Whenever we make a significant change to our security policies, we will also announce them on our company blog.
Have any questions, comments, or concerns about the security of your data, or your rights with respect to your information? Please get in touch by emailing us at email@example.com and we’ll be happy to answer them.